virus, please help

Place for your HiJackThis logs and logs from other programs…



Post by palioli » 19 Jan 2008 21:42

didn't help, combofix wouldn't start - invalid application ...
but couldn't the problem be that the file is marked hidden and is still running?


Post by palioli » 19 Jan 2008 21:44

ok, I'll try it in safe mode


Post by paul27 » 19 Jan 2008 21:45

This is really getting on my nerves now :twisted:

Boot into Safe Mode, i.e. restart the PC - while it is starting (before the first Windows logo) keep pressing F8 - choose Safe Mode. There try to run ComboFix and do the following:

- run the application under an account with administrator rights
- the licence agreement follows; press the 1 key and confirm with Enter to continue
- the scan starts (the whole thing takes about 5-10 minutes, sometimes a bit longer)
- during the scan do not try to run any other applications and do not click into the ComboFix window
- when it finishes, a Notepad window with text opens automatically (if it doesn't, the log is in C:\ComboFix.txt); copy it here using the well-known shortcuts Ctrl + A (select all) -> Ctrl + C (copy to the clipboard) -> Ctrl + V (paste)
- then wait for further instructions

WARNING: If you see "CRITICAL WARNING !!", you must not restart the computer; write about the warning here.


Post by fredik » 19 Jan 2008 21:47

If you have ComboFix saved on the desktop, do this:
Go to Start -> Run... and type this command into the box: "%userprofile%\Plocha\ComboFix.exe" /killall and click OK.

If it won't run, try this:
Download Deckard's System Scanner (DSS) and save it to the desktop
- close all active windows and run it
- accept the licence terms and follow the instructions
- a system scan starts
- when the check finishes, the program creates two logs and shows them: main.txt and extra.txt; paste the contents of the main.txt file/log here
- otherwise the logs are saved in the directory: c:\Deckard\System Scanner\

paul27 wrote: Don't you also have a ComboFix.txt file on the C: drive? Sometimes it deletes legitimate things, so maybe it got rid of that AVG :wink: .
That is caused by the Beagle he has on there.


Post by palioli » 19 Jan 2008 22:07

so I tried the Deckard's System Scanner (DSS) program and the result, main.txt, is:

Deckard's System Scanner v20071014.68
Run by Pali on 2008-01-19 21:59:44
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
33: 2008-01-19 20:59:52 UTC - RP78 - Deckard's System Scanner Restore Point
32: 2008-01-19 20:30:53 UTC - RP77 - Operace obnovení
31: 2008-01-19 18:21:37 UTC - RP76 - Installed SUPERAntiSpyware Free Edition
30: 2008-01-19 15:21:57 UTC - RP75 - Operace obnovení
29: 2008-01-19 13:04:54 UTC - RP74 - Spyware Terminator - restore point


-- First Restore Point --
1: 2008-01-05 20:32:47 UTC - RP46 - Removed Age of Empires III


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-19 22:02:54
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
I:\dss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\Program Files\vmntoolbar\vmntoolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: T-Mobile PC Messenger - {9D940EED-467E-4732-96B3-8BAF0D5AFDFF} - C:\Program Files\PC Messenger\PCMessengerBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll
O3 - Toolbar: T-Mobile PC Messenger - {9D940EED-467E-4732-96B3-8BAF0D5AFDFF} - C:\Program Files\PC Messenger\PCMessengerBar.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\Program Files\vmntoolbar\vmntoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} () - http://codecs.microsoft.com/codecs/i386/fhg.CAB
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.sk/buxus/docs/OnlineScanner.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_03) - http://java.sun.com/update/1.6.0/jinsta ... 586-jc.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/fl ... rashim.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc ... wflash.cab
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: AtiExtEvent - C:\WINDOWS\system32\
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgemc.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\FirebirdSQL15\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\FirebirdSQL15\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - Unknown owner - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe


--
End of file - 8055 bytes

-- HijackThis Fixed Entries (I:\\backups\) -------------------------------------

backup-20080119-185220-819 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
backup-20080119-185221-184 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20080119-185221-148 O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
backup-20080119-185222-676 O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
backup-20080119-185222-957 O3 - Toolbar: (no name) - {755F5DB1-A38D-476f-A4EB-4F7FA1DBB5CE} - (no file)
backup-20080119-185223-349 O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
backup-20080119-185224-218 O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing)
backup-20080119-185224-883 O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing)
backup-20080119-185225-154 O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
backup-20080119-185226-308 O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
backup-20080119-185227-442 O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
backup-20080119-185228-512 O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 BsStor (B.H.A Storage Helper Driver) - c:\windows\system32\drivers\bsstor.sys <Not Verified; B.H.A Co.,Ltd.; >
R0 VClone - c:\windows\system32\drivers\vclone.sys <Not Verified; Elaborate Bytes AG; Virtual CloneDrive>
R1 cdrbsdrv - c:\windows\system32\drivers\cdrbsdrv.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD>
R1 cdrbsvsd - c:\windows\system32\drivers\cdrbsvsd.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R1 srosa (Megadrv3) - c:\windows\system32\drivers\srosa.sys
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.5.3.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.5.3.0>
R2 ElbyCDIO (ElbyCDIO Driver) - c:\windows\system32\drivers\elbycdio.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R2 extradrv (Extra Driver) - c:\windows\system32\drivers\extradrv.sys
R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R3 Pcatip - c:\windows\system32\drivers\pcatip.sys <Not Verified; VSO Software; Patin-Couffin Autoplay(tm) support driver>
R3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>

S2 RadPciNT - c:\windows\system32\drivers\radpcint.sys <Not Verified; MediaForte Products Pte. Ltd.; RadioAKTIV>
S2 ramdrive (RAM Driver) - c:\windows\system32\drivers\ramdrive.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 a2free (a-squared Free Service) - "c:\program files\a-squared free\a2service.exe" <Not Verified; Emsi Software GmbH; a-squared>
S2 FirebirdGuardianDefaultInstance (Firebird Guardian - DefaultInstance) - c:\program files\firebirdsql15\bin\fbguard.exe -s <Not Verified; The Firebird Project; Firebird SQL Server>
S2 XAMPP (XAMPP Service) - c:\xampp\service.exe
S3 FirebirdServerDefaultInstance (Firebird Server - DefaultInstance) - c:\program files\firebirdsql15\bin\fbserver.exe -s <Not Verified; The Firebird Project; Firebird SQL Server>
S3 TUWinStylerThemeSvc (TuneUp WinStyler Theme Service) - "c:\program files\tuneup utilities 2006\winstylerthemesvc.exe" (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-01-18 17:15:00 388 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job


-- Files created between 2007-12-19 and 2008-01-19 -----------------------------

2008-01-19 20:53:41 0 d-------- C:\!KillBox
2008-01-19 19:21:38 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-01-19 16:07:24 722368 --a------ C:\Documents and Settings\Pali\SOUNDMAN.EXE
2008-01-19 12:42:36 0 d-------- C:\Program Files\DBF Converter
2008-01-19 12:06:10 0 d-------- C:\Program Files\Exportizer
2008-01-19 11:46:13 53248 --a------ C:\WINDOWS\Deploy.dll <Not Verified; PivotWare Lab; PivotCube deploy module>
2008-01-19 11:45:39 0 d-------- C:\Program Files\PivotCube VCL
2008-01-19 11:45:21 796672 --a------ C:\WINDOWS\GPInstall.exe <Not Verified; Qsc; GP-Install>
2008-01-18 23:52:31 0 d-------- C:\Program Files\MediaKreator
2008-01-18 22:35:13 0 d--hs---- C:\Documents and Settings\Pali\Recent
2008-01-18 22:15:30 0 d-------- C:\Program Files\CCleaner
2008-01-18 19:04:18 0 d-------- C:\Program Files\EsetOnlineScanner
2008-01-18 18:19:50 0 d-------- C:\Program Files\XMLStomper
2008-01-16 21:42:39 0 d-------- C:\Program Files\Teroid Software
2008-01-16 21:30:49 0 d-------- C:\Documents and Settings\Pali\.sysdb20
2008-01-16 21:30:46 0 d-------- C:\Documents and Settings\Pali\.editix
2008-01-16 21:29:41 0 d-------- C:\Program Files\XML Notepad 2007
2008-01-16 21:29:31 0 d-------- C:\Program Files\RustemSoft
2008-01-16 21:29:20 0 d-------- C:\Program Files\editix(2)
2008-01-16 21:19:01 0 d-------- C:\Program Files\XMLEditor
2008-01-15 17:50:17 0 d-------- C:\WINDOWS\system32\cs-cz
2008-01-15 17:50:08 0 d-------- C:\WINDOWS\Offline Web Pages
2008-01-15 17:43:10 0 d-------- C:\WINDOWS\network diagnostic
2008-01-10 17:41:18 9699328 --a------ C:\Documents and Settings\Pali\ntuser.dat
2008-01-08 16:03:48 0 d-------- C:\Documents and Settings\Pali\.thumb
2008-01-08 16:03:36 0 d-------- C:\Program Files\DVDStyler
2008-01-07 19:03:37 0 d-------- C:\Zaloha
2008-01-07 19:00:13 0 d-------- C:\Program Files\FirebirdSQL15
2008-01-07 19:00:11 0 d-------- C:\Program Files\EasyIS
2008-01-07 18:45:12 0 d-------- C:\Element
2008-01-06 15:49:00 0 d-------- C:\Program Files\Common Files\Java
2008-01-05 20:37:46 0 d-------- C:\Program Files\AusLogics Disk Defrag
2008-01-05 13:19:14 0 d-------- C:\Program Files\humanIT
2008-01-03 20:13:19 0 d-------- C:\Program Files\Optimik
2008-01-02 20:21:52 0 d-------- C:\Program Files\Photo DVD Maker Professional
2008-01-02 17:20:46 0 d-------- C:\Program Files\Photo Story 3 for Windows
2008-01-01 20:12:21 0 d-------- C:\Program Files\FTP Commander Deluxe
2008-01-01 19:23:11 0 d-------- C:\Program Files\WinSCP
2008-01-01 16:32:33 0 d-------- C:\Program Files\microsoft sql server
2007-12-29 08:58:39 0 d-------- C:\Program Files\Microsoft Silverlight
2007-12-29 08:58:24 0 d-------- C:\Program Files\Microsoft Synchronization Services
2007-12-29 08:58:23 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-12-29 08:53:09 0 d-------- C:\Program Files\Microsoft Visual Studio 9.0
2007-12-29 08:52:22 0 d-------- C:\Program Files\Microsoft SDKs
2007-12-29 08:50:18 0 d-------- C:\Program Files\MSBuild
2007-12-29 08:50:09 0 d-------- C:\WINDOWS\system32\XPSViewer
2007-12-29 08:50:01 0 d-------- C:\Program Files\Reference Assemblies
2007-12-28 21:24:19 0 d-------- C:\Program Files\Excel Compare
2007-12-27 18:22:24 0 d-------- C:\Program Files\BurnAware Free Edition
2007-12-27 17:12:29 0 d-------- C:\Program Files\MSECache
2007-12-19 17:18:46 0 d-------- C:\Program Files\a-squared Free


-- Find3M Report ---------------------------------------------------------------

2008-01-19 21:39:08 0 d-------- C:\Documents and Settings\Pali\Data aplikací\vmntoolbar
2008-01-19 19:21:38 0 d-------- C:\Documents and Settings\Pali\Data aplikací\SUPERAntiSpyware.com
2008-01-19 19:21:16 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-19 14:48:53 0 d-------- C:\Program Files\Arovax AntiSpyware
2008-01-19 14:02:58 0 d-------- C:\Program Files\Crossword Compiler 8
2008-01-19 13:49:01 0 d-------- C:\Program Files\MZ Manager 2
2008-01-19 00:26:05 0 d-------- C:\Program Files\Opera 9.5 beta
2008-01-18 22:36:43 0 d-------- C:\Program Files\SokkerViewer
2008-01-16 21:04:21 0 d-------- C:\Documents and Settings\Pali\Data aplikací\Skype
2008-01-07 19:35:41 0 d-------- C:\Program Files\ITStudio
2008-01-06 15:50:40 0 d-------- C:\Program Files\Java
2008-01-06 15:49:00 0 d-a------ C:\Program Files\Common Files
2008-01-05 22:26:50 0 d-------- C:\Program Files\DupKiller
2008-01-05 21:41:20 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-05 20:37:52 0 d-------- C:\Documents and Settings\Pali\Data aplikací\Auslogics
2008-01-03 19:59:14 0 d-------- C:\Program Files\Avant Browser
2008-01-01 19:05:25 0 d-------- C:\Documents and Settings\Pali\Data aplikací\AVG7
2008-01-01 18:57:14 0 d-------- C:\Documents and Settings\Pali\Data aplikací\Google
2007-12-29 08:56:32 442546 --a------ C:\WINDOWS\system32\perfh005.dat
2007-12-29 08:56:32 84724 --a------ C:\WINDOWS\system32\perfc005.dat
2007-12-27 18:24:57 138 --a------ C:\Documents and Settings\Pali\Data aplikací\burnaware.ini
2007-12-25 18:38:48 0 d-------- C:\Documents and Settings\Pali\Data aplikací\Adobe
2007-12-25 18:30:23 0 d-------- C:\Program Files\Google
2007-12-25 17:12:22 0 d-------- C:\Documents and Settings\Pali\Data aplikací\Spamihilator
2007-12-19 18:33:01 0 d-------- C:\Program Files\ConnectionServices
2007-12-09 20:00:39 0 d-------- C:\Program Files\Gham
2007-12-08 20:04:37 0 d-------- C:\Program Files\CDBFW
2007-12-08 12:54:21 0 d-------- C:\Documents and Settings\Pali\Data aplikací\stickies
2007-12-08 12:51:03 0 d-------- C:\Program Files\TuneUp Utilities 2007
2007-12-08 12:02:10 0 d-------- C:\Program Files\Evrsoft First Page 2006
2007-12-08 11:41:13 0 d-------- C:\Program Files\CoffeeCup Software
2007-12-08 11:39:43 0 d-------- C:\Program Files\vmntoolbar
2007-12-08 11:18:46 0 d-------- C:\Program Files\Trellian
2007-12-07 18:37:04 0 d-------- C:\Program Files\Crossword Compiler 81
2007-12-05 21:33:02 0 d-------- C:\Program Files\UnderCoverXP
2007-12-04 20:30:29 0 d-------- C:\Program Files\Spamihilator
2007-12-03 21:41:53 0 d-------- C:\Documents and Settings\Pali\Data aplikací\ICQ
2007-12-03 19:55:14 0 d-------- C:\Documents and Settings\Pali\Data aplikací\Thinstall
2007-12-02 17:36:17 0 d-------- C:\Program Files\Hattrick Manager
2007-12-01 19:08:28 0 d-------- C:\Program Files\Hattrick Forever
2007-11-30 23:04:37 0 d-------- C:\Program Files\COMPARE IT!
2007-11-29 19:02:14 0 d-------- C:\Program Files\Netscape
2007-11-29 18:57:40 0 d-------- C:\Documents and Settings\Pali\Data aplikací\Netscape
2007-11-28 22:50:35 0 d-------- C:\Documents and Settings\Pali\Data aplikací\Prism
2007-11-27 22:38:49 0 d-------- C:\Documents and Settings\Pali\Data aplikací\ICQ Toolbar
2007-11-27 20:06:12 0 d-------- C:\Program Files\ICQ6
2007-11-27 20:02:43 0 d-------- C:\Documents and Settings\Pali\Data aplikací\InstallShield
2007-11-27 18:35:20 0 d-------- C:\Program Files\xBaseView
2007-11-27 18:27:25 0 d-------- C:\Program Files\DBF Viewer 2000
2007-11-27 16:02:18 25 --a------ C:\Documents and Settings\Pali\Data aplikací\Resize! preferences
2007-11-26 19:18:07 0 d-------- C:\Program Files\Crossword Compiler 6
2007-11-24 20:36:10 0 d-------- C:\Program Files\Peetee Software
2007-11-24 20:07:56 0 d-------- C:\Documents and Settings\Pali\Data aplikací\pokerth
2007-11-24 18:13:24 0 d-------- C:\Program Files\HattrickPoli
2007-11-24 10:47:47 0 d-------- C:\Documents and Settings\Pali\Data aplikací\Nitro PDF
2007-11-23 18:15:28 0 d-------- C:\Program Files\Foxit Software
2007-11-22 18:49:31 39424 --a------ C:\WINDOWS\zipinst.exe <Not Verified; NirSoft; ZipInstaller>
2007-11-19 19:32:19 0 -rahs---- C:\MSDOS.SYS
2007-11-19 19:32:19 0 -rahs---- C:\IO.SYS
2007-11-18 20:23:43 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2007-11-17 08:39:53 1024 --a------ C:\WINDOWS\system32\ceddp88.dat
2007-11-16 21:23:32 26 --a------ C:\WINDOWS\SW_Win2146X32.DLL
2007-11-16 21:16:09 72704 --a------ C:\WINDOWS\cadkasdeinst01e.exe
2007-11-16 19:58:58 1024 --a------ C:\WINDOWS\system32\pdf2word.DAT
2007-10-31 18:16:46 249856 --a------ C:\WINDOWS\system32\pdfmona.dll <Not Verified; TODO: <Company name>; TODO: <Product name>>
2007-10-31 18:16:46 51716 --a------ C:\WINDOWS\system32\pdf995mon.dll
2007-10-22 16:05:01 73216 -----n--- C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D940EED-467E-4732-96B3-8BAF0D5AFDFF}]
18. 10. 2006 11:00 114688 --a------ C:\Program Files\PC Messenger\PCMessengerBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [19. 01. 2008 20:30]
"SoundMan"="SOUNDMAN.EXE" [02. 08. 2002 12:00 C:\WINDOWS\SOUNDMAN.EXE]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [16. 01. 2007 19:57]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25. 09. 2007 01:11]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [17. 08. 2004 14:49]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [21. 06. 2007 14:06]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
"NoSecCpl"=0 (0x0)
"DisableChangePassword"=0 (0x0)
"DisableLockWorkstation"=0 (0x0)
"NoDispCpl"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
"NoDispSettingsPage"=0 (0x0)
"NoVisualStyleChoice"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
"NoResolveTrack"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeStartMenu"=0 (0x0)
"NoClose"=0 (0x0)
"NoLogOff"=0 (0x0)
"NoPrinterTabs"=0 (0x0)
"NoDeletePrinter"=0 (0x0)
"NoAddPrinter"=0 (0x0)
"NoPrinters"=0 (0x0)
"NoNetworkConnections"=0 (0x0)
"NoFavoritesMenu"=0 (0x0)
"NoRun"=0 (0x0)
"NoFind"=0 (0x0)
"NoCommonGroups"=0 (0x0)
"NoSetFolders"=0 (0x0)
"NoSMHelp"=0 (0x0)
"NoFileMenu"=0 (0x0)
"NoShellSearchButton"=0 (0x0)
"NoToolbarCustomize"=0 (0x0)
"NoRecentDocsNetHood"=0 (0x0)
"NoChangeAnimation"=0 (0x0)
"NoChangeKeyboardNavigationIndicators"=0 (0x0)
"NoThemesTab"=0 (0x0)
"HideClock"=0 (0x0)
"NoManageMyComputerVerb"=0 (0x0)
"NoLowDiskSpaceChecks"=0 (0x0)
"NoStartMenuPinnedList"=0 (0x0)
"NoStartMenuMFUprogramsList"=0 (0x0)
"NoUserNameInStartMenu"=0 (0x0)
"StartmenuLogoff"=0 (0x0)
"NoStartMenuSubFolders"=0 (0x0)
"NoRecentDocsMenu"=0 (0x0)
"ClearRecentDocsOnExit"=0 (0x0)
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveTrack"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= D:\Programy\Portable\PORTAB~1.9\DVDShell.dll [10. 10. 2004 00:18 49152]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20. 12. 2006 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19. 04. 2007 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\taskmgr.exe]
Debugger=D:\P2P\RevConnect\Downloads\procexp.exe

SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AirLive Turbo-G Wireless Utility.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AirLive Turbo-G Wireless Utility.lnk
backup=C:\WINDOWS\pss\AirLive Turbo-G Wireless Utility.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Spamihilator"="C:\Program Files\Spamihilator\spamihilator.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Z]
AutoRun\command- Z:\INSTALL.EXE




-- End of Deckard's System Scanner: finished at 2008-01-19 22:03:54 ------------
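The helpers read the posted main.txt for a handful of line types: O4 autoruns given as a bare file name, Winlogon Notify entries with no DLL, drivers DSS could not attribute to a publisher, an Image File Execution Options "Debugger", and the SafeBoot warning that explains why the Safe Mode advice above cannot work on this machine. As an added example (not code from the thread or from Deckard's System Scanner), the following Python script pulls those entries out of a sample constructed from lines copied from the log; every hit is something to ask about, not a verdict.

```python
"""Triage of a HijackThis/DSS-style log.  Added example: not code from the
thread or from Deckard's System Scanner.  The sample is constructed from lines
copied out of the posted main.txt; each flag means "ask about this entry",
not "this is malware"."""
import re

SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: AtiExtEvent - C:\WINDOWS\system32\
R0 VClone - c:\windows\system32\drivers\vclone.sys <Not Verified; Elaborate Bytes AG; Virtual CloneDrive>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 srosa (Megadrv3) - c:\windows\system32\drivers\srosa.sys
R2 extradrv (Extra Driver) - c:\windows\system32\drivers\extradrv.sys
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\taskmgr.exe]
Debugger=D:\P2P\RevConnect\Downloads\procexp.exe
SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
"""

# O4 - <hive>\..\Run: [<name>] <command>
O4_RE = re.compile(r"^O4 - .*\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# O20 - Winlogon Notify: <name> - <path>
O20_RE = re.compile(r"^O20 - Winlogon Notify: (?P<name>\S+) - (?P<path>.+)$")
# R<start type> <name> [(<description>)] - <path> [<publisher/version block>]
DRV_RE = re.compile(
    r"^R[0-4] (?P<name>\S+)(?: \(.*\))? - (?P<path>.+?\.sys)(?: <(?P<ver>[^>]*)>)?$")
# Registry-dump key header for Image File Execution Options\<program>
IFEO_RE = re.compile(r"^\[.*image file execution options\\(?P<target>[^\]]+)\]$", re.I)


def _first_token(cmd):
    """The executable part of a Run-key command (quoted path or first word)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    return cmd.split()[0]


def unqualified_run_entries(log):
    """O4 autoruns whose command is a bare file name with no directory.

    Windows resolves such a name through the search path, so which file runs
    depends on where a same-named copy sits; the posted log lists SOUNDMAN.EXE
    in the Windows directory and a copy created the same day in the profile."""
    found = []
    for line in log.splitlines():
        m = O4_RE.match(line)
        if m and not re.search(r"[\\:]", _first_token(m.group("cmd"))):
            found.append(m.group("name"))
    return found


def notify_entries_without_dll(log):
    """O20 Winlogon Notify packages whose path names a directory, not a DLL."""
    return [m.group("name") for m in map(O20_RE.match, log.splitlines())
            if m and m.group("path").endswith("\\")]


def drivers_without_version_info(log):
    """Loaded (R*) drivers for which DSS printed no publisher/version block.
    A missing block only means the file has no version resource: a place to
    start checking the driver, not a verdict."""
    return [(m.group("name"), m.group("path"))
            for m in map(DRV_RE.match, log.splitlines())
            if m and m.group("ver") is None]


def ifeo_debuggers(log):
    """Programs redirected through an Image File Execution Options 'Debugger'.
    Process Explorer's 'Replace Task Manager' writes exactly this key, so the
    value has to be checked against the binary it points to."""
    result, target = {}, None
    for line in log.splitlines():
        m = IFEO_RE.match(line)
        if m:
            target = m.group("target").lower()
        elif target and line.lower().startswith("debugger="):
            result[target] = line.split("=", 1)[1]
            target = None
    return result


def safe_mode_damaged(log):
    """True when DSS reports a broken SafeBoot key (Safe Mode unavailable)."""
    return "SafeBoot registry key needs repairs" in log


def triage(log):
    """Collect every check into one report dictionary."""
    return {
        "unqualified_run_entries": unqualified_run_entries(log),
        "notify_without_dll": notify_entries_without_dll(log),
        "drivers_without_version_info": drivers_without_version_info(log),
        "ifeo_debuggers": ifeo_debuggers(log),
        "safe_mode_damaged": safe_mode_damaged(log),
    }
```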


Post by palioli » 19 Jan 2008 22:08

but I didn't see that program "hldrrr.exe" anywhere in the listing.


Post by palioli » 19 Jan 2008 22:13

by the way, the gmer program keeps printing this at start-up:
process C:\WINDOWS\system32\drivers\hldrrr.exe (***hiden***)


Post by palioli » 19 Jan 2008 22:14

guys, thanks for the help, but we probably won't solve it today, I'm fed up with it, but thanks anyway, maybe I'll try again tomorrow


Post by jaro3 » 19 Jan 2008 22:23

Wait for fredik until tomorrow. It would need the XP Repair program to restore the registry, but it isn't free. Or try Win manager XP, but better wait until tomorrow...


Post by fredik » 19 Jan 2008 22:38

The driver from Beagle is active. So tomorrow try running ComboFix from Start with the parameter I gave.

If that doesn't work, let me know and we'll go about it another way.

